Deputy CISO jobs in United States

Relation Insurance Services · 11 hours ago

Deputy CISO

Relation Insurance is a leading, innovative company committed to delivering cutting-edge solutions in the insurance market. The Deputy CISO, Governance, Risk & Compliance (GRC) is a senior security leader responsible for executing the organization's enterprise governance, risk, and compliance program, ensuring regulatory compliance, successful audits, and effective risk management.

Industries: Consulting · Employee Benefits · Financial Services · Insurance · Retirement

H1B Sponsor Likely

Responsibilities

Leads and executes the enterprise governance, risk, and compliance program end-to-end
Operates across multiple regulatory frameworks simultaneously, ensuring successful delivery of compliance and risk outcomes
Serves as the primary point of contact for auditors, regulators, and customers on security and compliance matters
Represents the organization as the accountable security compliance leader in regulatory examinations, customer diligence reviews, and external assurance engagements
Leads enterprise audit and regulatory readiness through gap analysis, control design, policy development, evidence collection, and timely remediation closure, ensuring successful audit completion across SOC 1, SOC 2, NYDFS Part 500, HIPAA, and GDPR
Ensures timely closure of audit findings and remediation of control gaps through completion
Responsible for writing, maintaining, and enforcing all security and compliance policies, standards, and procedures
Retains ownership of control intent, rationale, and narrative consistency across audits, regulators, and customer engagements
Performs security and privacy risk assessments, control testing, and remediation tracking through completion
Responsible for maintaining enterprise data mapping, documenting data flows, systems, and third-party processors
Leads vendor privacy and security risk assessments involving regulated and personal data
Partners with legal and business stakeholders to ensure privacy governance requirements are met
Responsible for the enterprise third-party risk management program, including vendor assessments, monitoring, and remediation follow-through
Independently completes customer security questionnaires (SIG, CAIQ, and custom SAQs) and provides security narrative responses for RFPs and customer due diligence inquiries
Independently develops accurate, clear, and consistent security narratives grounded in sustained understanding of the organization’s technical and risk environment, without repeated reliance on technical or engineering resources
Partners with IT, Engineering, Legal, Privacy, Risk, and business leadership to obtain evidence and implement controls, while retaining accountability for control interpretation and compliance outcomes
Provides executive-ready reporting on audit status, compliance posture, remediation progress, and enterprise risk
Leverages AI-assisted tools and automation to improve efficiency, consistency, and scale across GRC execution, while exercising sound judgment in regulated and confidential environments
Continuously identifies opportunities to streamline GRC processes through tooling, automation, and workflow optimization
Performs other projects, duties, and tasks, as assigned

Qualifications

Skills: Governance · Risk & Compliance · Audit Management · Regulatory Compliance · Information Security · CISSP Certification · CISM Certification · CISA Certification · CRISC Certification · HIPAA Compliance · GDPR Knowledge · SOC Programs · Communication Skills · Organizational Skills

Required

Bachelor's degree in Computer Science, Information Technology, Cybersecurity or other related field
Minimum 8 years of progressively responsible experience in information security, cybersecurity risk management, or related roles
Relevant certifications (CISSP, CISM, CISA, CRISC, HCISPP, CCSK, ISO 27001 LA/LI, or equivalent)
Demonstrated ability to operate as the accountable GRC leader in enterprise, audit, and regulator-facing environments
Extensive hands-on experience leading SOC programs from readiness through audit completion
Demonstrated experience managing HIPAA Security Rule compliance
Practical working knowledge of GDPR, including data mapping and vendor privacy risk management
Deep knowledge of SOC 1, SOC 2, NYDFS Part 500, and third-party risk management
Proven ability to independently manage audits, write policies, collect evidence, and respond to auditors and customers
Strong understanding of enterprise IT environments, cloud platforms, SaaS architectures, identity, networking, logging, and security controls
Exceptional written and verbal communication skills; comfortable interfacing with executives, auditors, regulators, and customers
Highly organized with the ability to manage multiple concurrent audits and regulatory obligations
Ability to travel as required by business need

Preferred

Master's degree in Cybersecurity or Information Systems
Prior experience as a Deputy CISO, Head of GRC, Director of GRC, or Principal GRC Lead
Experience supporting highly regulated industries such as financial services or healthcare

Benefits

Family health and wellness programs
401K
Employee assistance programs
Paid time off
Paid holidays

Company

Relation Insurance Services

Despite our size, Relation feels like a family company. Here, a handshake matters.

H1B Sponsorship

Relation Insurance Services has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Charts (not reproduced): Distribution of Different Job Fields Receiving Sponsorship; Trends of Total Sponsorships: 2025 (1), 2024 (1)

Funding

Current Stage
Late Stage
Total Funding
unknown
2019-02-21: Acquired

Leadership Team

Charissa Hartmann
Chief Financial Officer

Douglas Turk
President, Specialty
Company data provided by crunchbase